CVE-2020-36245: Code Injection
(updated )
GramAddict allows remote attackers to execute arbitrary code because of use of UIAutomator2 and ATX-Agent. The attacker must be able to reach TCP port, e.g.
, by being on the same Wi-Fi network.
References
Detect and mitigate CVE-2020-36245 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →